Cloudflare Access not working properly when logging in

What is the name of the domain?

cloudflareaccess.com

What is the issue you’re encountering

Hi, Im having a problem with cloudflare access, whenever I try to log into cloudflare access dashboard or just add a new device to warp gateway (basically with the whole .cloudflareaccess.com domain), it just doesnt work. No logs from it, no email code, and when i try it with github, it just spews out “that account doesnt have access”. I already checked it more than 10 times to make sure its the right account and that the rules are set properly. Last log i have from cloudflareaccess is from 5.Nov when it decided to work and log me in with my github account. Thanks for any help

May I ask did you added your team name in front, e.g. myteamname.cloudflareaccess.com? :thinking:

Have you tried accessing myteamname.cloudflareaccess.com/warp as well or? :thinking:

Are you using some IdP like Google or Azure, or Github as you’re stating?

How is your Access policy configured?

Hi, thanks for your reply and yes I tried accessing myteamdomain.cloudflareaccess.com and also /warp. I’m just having problems, cuz it’s just working whenever it wants, I kept the same config from like a month ago, but I can only login sometimes. The /warp sometimes just 403s me, like gives me the forbidden page, sometimes it lets me to the login page, but when I try to log in then my account doesn’t have access or smth, it has worked a few times already, but sometimes it just decides not to. Same with the domain.cloudflareaccess.com, but that doesn’t show me the 403 error page, also both of these seem to not log sometimes stuff in the “access log” as there is nothing in the dashboard from it. Well the problem seems to be that it doesn’t work sometimes as it should, no idea why. BTW I did try other isp (my home one, mobile plan, work network etc). And also yes I currently have set up GitHub and OTP to log in. Gonna send the config in the next msg.

This is the warp device enrollment policy


This is the app launcher access policy
Btw yes my email IS on the lists set up, YES I’m using gateway etc made sure I match them all and it’s still not working sometimes :man_shrugging:

Also forgot to send the access group config you see there
Admin group requires “admin” email list, in case it gets unsorted
This is the “everyone” group



This is the “ADMIN” group